Load Testing a Rails App With Apache Bench

In preparation for a public launch, we ran a cursory load test to ensure that our rails application could handle a reasonable amount of traffic. Apache Bench is very easy to use, but the initial setup is a little confusing, especially if your site requires users to log in.

Collecting a cookie

The first step is to log into our website and store the cookie, so we can use it to make requests as an authenticated user.

Rails uses an authenticity token to protect the login page from CSRF attacks, so collecting a cookie with cURL is a bit of a hassle. We’ll first need to capture the authenticity token:

Notice that we need to pass both the --cookie and --cookie-jar options. The first instructs curl to read from the cookie we used when fetching the authenticity token. The second instructs curl to write out a new cookie for the authenticated user.

We can test that this cookie is actually valid by attempting to fetch an internal page: